{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:80dce952-0303-5680-ba0c-9868ca647b14", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "5.2.0.RELEASE-tuxcare.1", "purl": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cb9ac67d-82d9-5aae-8a70-2134ce2c2ee2", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:399fcf03-f4ec-5fc6-8e97-d809ec784d38", "id": "CVE-2020-5397", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-5397 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae444840-8540-5eb1-922f-259727ae6d28", "id": "CVE-2020-5398", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5398 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:941f7645-4431-55f7-94f8-a80e180c533e", "id": "CVE-2020-5421", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-5421 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd74f5f0-ef26-5ca1-9335-9e6763340cea", "id": "CVE-2021-22060", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22060 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:688af37d-a44a-5c0f-80e7-6c26311824a6", "id": "CVE-2021-22096", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22096 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1108fcb9-4670-59c8-8fb7-fdc0b6ee5a1b", "id": "CVE-2021-22118", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-22118 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:888a73be-a102-5d2f-a9dc-f3ee0d127e18", "id": "CVE-2022-22950", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22950 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3000a469-0cd8-513a-869b-a6320e45b304", "id": "CVE-2022-22965", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22965 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa6f7894-36b9-5d35-893c-3d5ba427a678", "id": "CVE-2022-22968", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22968 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d082507b-c8ce-58d4-952c-54886181f7cd", "id": "CVE-2022-22970", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22970 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:392e5838-312c-58da-9ced-bd7d9ca1409e", "id": "CVE-2022-22971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-22971 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8197edbc-1766-531f-a70b-ed65ab50af8b", "id": "CVE-2023-20861", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-20861 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0abea65-cbe0-56d4-b933-8e3478d8c194", "id": "CVE-2023-20863", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-20863 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d3585f6-5a06-52cb-880b-9746b35c2fb6", "id": "CVE-2024-22243", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22243 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b76c9672-4a37-54b4-9a70-8957560e25fa", "id": "CVE-2024-22259", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22259 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fbba911d-6d7a-5a9d-b649-b89d6c316a01", "id": "CVE-2024-22262", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22262 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14d5dee2-62c9-5e1a-ada9-9189c95bf336", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:870edb51-1bef-50ee-8900-d67168b0bb2d", "id": "CVE-2024-38809", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-38809 is a false positive for org.springframework:spring-messaging 5.2.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc12d4c7-e98f-50f4-8aaf-3747c35d12ff", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:15ad4dbf-7604-501b-ae1d-c93755a13ac0", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ace03e98-4ee0-5201-aa1d-d5098c72a466", "id": "CVE-2025-22233", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-22233 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e762abec-ff20-515f-bd78-e537ab830759", "id": "CVE-2025-41242", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41242 is fixed in version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9cf93639-ed07-5153-86cb-62dfae003913", "id": "CVE-2025-41249", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-41249 is a false positive for org.springframework:spring-messaging 5.2.0.RELEASE-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a9f5594-f384-5a34-a892-0b55f9704503", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:321af25f-aa40-59ed-a88f-39686cc3edf0", "id": "CVE-2026-22740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22740 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4a55f0c-030a-507c-b390-5b5e6723257f", "id": "CVE-2026-22741", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22741 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e994a241-3dc0-583b-b4a5-14fce8c67217", "id": "CVE-2026-22745", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22745 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b58ed57f-02e8-577e-80ec-8fda5b94a275", "id": "CVE-2026-41838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41838 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8576205a-a288-523c-95e5-d8d8787154df", "id": "CVE-2026-41839", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41839 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:62ae8dd7-64bc-579e-95a3-8f9bea2707c5", "id": "CVE-2026-41840", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41840 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe8cc211-f393-5cda-9630-556212dbd1e8", "id": "CVE-2026-41841", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41841 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77ae938a-09ff-5c5d-b356-43f4b5c5f653", "id": "CVE-2026-41842", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41842 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de96a962-b040-5b4e-8606-b494c955b57c", "id": "CVE-2026-41843", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41843 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:750fd786-f201-5fbf-8dd4-908639571ead", "id": "CVE-2026-41844", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41844 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49c1fbdc-69e2-5997-8c8d-ef240f498908", "id": "CVE-2026-41845", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41845 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5d0d09d-d769-591f-a232-c8cbe0aa9b07", "id": "CVE-2026-41846", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41846 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0282510e-e360-5621-8a0e-9a5350703fca", "id": "CVE-2026-41847", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41847 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72da52c5-0b61-53d4-aa8a-d6bccd331955", "id": "CVE-2026-41848", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41848 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f95ff798-aac9-55a3-bd9f-d7e236bc5c08", "id": "CVE-2026-41849", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41849 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dbb79442-5669-57bc-baf5-f7a458195d8d", "id": "CVE-2026-41850", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41850 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:56b422a3-ff70-5f0f-9715-69d42199e1a0", "id": "CVE-2026-41851", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41851 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:419c20eb-d24a-51f8-88f3-ca7ed54a979c", "id": "CVE-2026-41852", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41852 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29dda042-83c7-5c10-b06d-76a943ead248", "id": "CVE-2026-41853", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41853 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35a41b45-826c-5997-947e-e7852df40490", "id": "CVE-2026-41855", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-41855 affects version 5.2.0.RELEASE-tuxcare.1 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.2.0.RELEASE-tuxcare.1" } ] }